Security and Privacy

Measures for security and data protection
Protect your data with stashcat®

stashcat is the End-to-End Encrypted, Privacy Compliant Messenger with File Storage, Video Conferencing, and Calendar and Survey Module that connects all employees. The protection of personal data is a top priority. That’s why we provide you with highly secure technology that takes into account all relevant data protection regulations.

 

These include, in particular, the regulations of the German Telemedia Act (TMG) and the General Data Protection Regulation (GDPR). Below, we would like to inform you about data security in particular and the technical
measures taken for this purpose.

End-to-End Encryption

When you send messages, encryption is performed on the user’s terminal device, encrypting the data using a combination of AES (256bit) and RSA (4096bit) algorithms. All relevant data is transmitted in encrypted format on the way to and from the server and is also stored in encrypted format on the servers.

 

More details about true End-to-End Encryption

  • End-to-End Encryption
  • TLS transport encryption: 4096 bit RSA key
  • Signing algorithm: SHA256withRSA
  • Perfect Forward Secrecy to protect data from subsequent decryption of communication
  • Daily, automatic patching of SSL endpoints
  • Downgrade Attack Prevention
  • Secure Renegotiation

Backups at different locations

The operation of stashcat is provided by multiple redundant server systems. All user-related data in the Business Messenger is stored and processed in our high-security data centers. Periodic and automatic online backups prevent data loss due to hardware failure, virus attack or force majeure. This ensures that none of your data falls into the wrong hands or gets lost.

Servers in Germany

The servers of stashcat are located exclusively in Germany, all data is therefore handled in accordance with German data protection law. The data centers take the necessary technical and organizational measures for data security.

Höchste SSL-Standards

All transmitted data is secured by current SSL/TLS encryption methods. The security is based on 256 bit AES SSL/TLS encryption on the way between servers and clients.

Play Video

What does the GDPR mean for stashcat® users?

Transparent Privacy Policy

Privacy Policy and Terms of Use can be viewed at any time. We provide appropriate contact persons for your questions.

Secure hosting in Germany

The stashcat data center is located in Germany (Munich) and takes the necessary technical and organizational measures for data security.

No access to the user's phone book

stashcat runs independently of telephone and mobile numbers. The messenger doesn't access the personal phone book of your phone.

Data Deletion

stashcat enables the complete deletion of users and all associated personal data as soon as, for example, consent is withdrawn.

Encrypted Data Transmission

The deployment of stashcat is - as described before - completely encrypted.

Principle of Data Economy

As little personal data as possible is collected and processed. Technical measures to protect personal data, are part of the development of stashcat.

Data Processing Agreement (DPA)

When using stashcat, a user agreement is concluded with each individual user. This usage contract is based on the Terms of Use and the Privacy Policy of the portal. All information on the type of data processed, the purpose of data processing, the user groups concerned and on stashcat server locations can be obtained by the user from this Privacy Policy prior to account creation.

In addition to the conclusion of the user agreements of the individual users, the organization may conclude a Data Processing Agreement with stashcat GmbH. The template for the Processing Agreement can be found in the Organization Settings in stashcat. You can fill out the contract and keep it in your records to keep, it is not required to send it back.